2.0 Release: Allow spin to configure production servers

[jaydrogers]

🚀 This project is in ACTIVE DEVELOPMENT

Track its progress here:

• https://github.com/orgs/serversideup/projects/12/views/2

👨‍🔬 Preview URL

• https://release-2-0.ssu-spin.pages.dev/

😕 Problem

• Laravel Sail focuses only on development environments. This dramatically reduces the benefits of running Docker in your environment

👉 Proposed solution

• Further develop spin as an alternative to Laravel Sail that allows users to deploy and manage services in any environment
• Make server management very simple to do with a simple user experience using proven and simple technologies

👋 Who spin is designed for

• People who want get 100% replication of Development through Production
• People who do not need the complexities of Kubernetes or uptime greater than 99.999%
• People who want to run their simple applications on a $5/mo server with any hosting provider of their choice

⭐️ Key Differences

Laravel Sail vs Spin

• spin will extend outside just the development environment
• spin will be language independent and can be installed directly to the system or included as a project dependency as a composer package or Node package
• spin will use Ansible + Docker to handle the deployment of production servers with zero-downtime deployments

Kubernetes vs Spin

• spin will focus on the simplicity of setting up an environment. The goal is to allow users to have zero-downtime deployments with automated SSL on a $5/mo server
• Not everyone needs the complexities of K8s

mrsked/mrsk vs Spin

• Spin will not create its own way of deploying containers
• Spin will be based off the proven and well documented standards of Docker Compose and Docker Swarm

🎨 Design & Structure

Single Binary called spin

• Everything will be compiled into a single, lightweight binary called spin
• spin will only be wrapper to other commands (such as Docker or Ansible)
• The only dependency will be having Docker installed on the machine, otherwise there should be no other dependencies

Follow Docker Standards

• spin will simply shortcut and optimize the user experience for people using Docker
• spin will follow all Docker and Docker Compose standards

Docker Overrides

• Users will be able to configure their projects following Docker Overrides, an extremely powerful feature for people who want to share configurations between environments

Optimized to work with serversideup/docker-php

• spin will come with optimizations to enhance the developer experience with serversideup/docker-php

Deploying servers in production

• Users can use any server provider they want (Digital Ocean, Vultr, a Raspberry Pi in their basement, etc)
• All servers will be managed securely with Key-based SSH authentication + Ansible
• The servers will be deployed as Single-Node Docker Swarm Clusters

Using Ansible

• Users will not need to understand Ansible, they will only need to edit simple YML or INI files
• Ansible will only be used to ensure each server in the user's settings is configured exactly the same
• Ansible execute via Docker -- the user will not need to know anything about configuring Ansible other then setting YML files

Ansible Roles

• Ansible roles will be automatically provided, allowing users to create a simple, single-host Swarm cluster
• The Ansible roles will NOT be stored in this repository, they will automatically be pulled from other repositories (most likely written by Server Side Up)

Possible Roles to include:

1. Common (harden the server, configure SSH users, etc)
2. Docker Swarm (configure a very basic Docker Swarm Master)

Configuring Server Settings

Users will need to configure three files:

settings.yml: The main settings for spin and all servers

##############################################################
# Spin Settings
##############################################################
spin_release_channel: stable

##############################################################
# System Settings
##############################################################

# Apply SSH port to all servers
ssh_port: "15210"

# Server contact for all notifications
server_contact: myawesomeadmin@example.com

# Apply a timezone to all servers
server_timezone: "UTC"

##############################################################
# Users
##############################################################

system_users:
  - username: jaydrogers
    name: Jay Rogers
    state: present
    groups: ['adm','sudo']
    shell: "/bin/bash"
    authorized_keys:
      - public_key: "ssh-ed25519 AAAAC3NzaC1lmyfakeublickeyMVIzwQXBzxxD9b8Erd1FKVvu jay"

  - username: danpastori
    name: Dan Pastori
    state: present
    groups: ['adm','sudo']
    shell: "/bin/bash"
    authorized_keys:
      - public_key: "ssh-ed25519 AAAAC3NzaC1anotherfakekeyIMVIzwQXBzxxD9b8Erd1FKVvu dan"

##############################################################
# MySQL Admins
##############################################################

mysql_admins:
  - mysql_admin_username: jay
    mysql_admin_password: mysupersecretpassword
    mysql_admin_permissions: "*.*:ALL,GRANT"
    state: present

  - mysql_admin_username: danpastori
    mysql_admin_password: youcantguessthis
    mysql_admin_permissions: "*.*:ALL,GRANT"
    state: present

hosts: Ansible hosts containing all servers to maintain

[env_staging]
myserver01.example.com

[env_production]
myserver02.example.com

conf/host_vars/{{ my server name }}: Host-specific variables

##############################################################
# MySQL Configuration
##############################################################

#MySQL Root
mysql_root_username: root
mysql_root_password: myrootpassword

Maintaining servers

• Users should be able to run spin maintain, which will automatically connect to their servers and perform important security updates with Ansible + SSH

Onboarding Experience

• A simple CLI wizard shall be created to onboard and configure the server settings for people

💪 In Summary

• spin should be extended to allow users to provision and manage servers using Ansible + SSH
• spin should not require any knowledge of setting up Docker or Ansible -- spin should do this for the user
• Users should be able to configure their settings in simple configuration files
• Users can run spin maintain or spin provision to quickly provision new servers or update their fleet of existing servers
• spin should continue to only have Docker installed as its only dependency. All other processes should be as "turn key" as possible

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Pages

Latest commit:	250ee37
Status:	✅  Deploy successful!
Preview URL:	https://81b669a3.serversideup-spin.pages.dev
Branch Preview URL:	https://release-2-0.serversideup-spin.pages.dev

View logs